Secrets & Lies: Digital Security in a Networked World
Secrets & Lies: Digital Security in a Networked World
Writing Secure Code
Security attribute evaluation method: a cost-benefit approach
Proceedings of the 24th International Conference on Software Engineering
Artificial Intelligence: A Modern Approach
Artificial Intelligence: A Modern Approach
Threat Modeling
The Trustworthy Computing Security Development Lifecycle
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Software Security: Building Security In
Software Security: Building Security In
Optimal security hardening using multi-objective optimization on attack tree models of networks
Proceedings of the 14th ACM conference on Computer and communications security
Alignment of Misuse Cases with Security Risk Management
ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
Guidelines for secure software development
Proceedings of the 2008 annual research conference of the South African Institute of Computer Scientists and Information Technologists on IT research in developing countries: riding the wave of technology
Threat Mitigation, Monitoring and Management Plan - A New Approach in Risk Management
ARTCOM '09 Proceedings of the 2009 International Conference on Advances in Recent Technologies in Communication and Computing
Identifying Security Requirements Hybrid Technique
ICSEA '09 Proceedings of the 2009 Fourth International Conference on Software Engineering Advances
Avoiding Threats Using Multi Agent System Planning for Web Based Systems
ICCCI '09 Proceedings of the 1st International Conference on Computational Collective Intelligence. Semantic Web, Social Networks and Multiagent Systems
Layered security architecture for threat management using multi-agent system
ACM SIGSOFT Software Engineering Notes
Rational choice of security measures via multi-parameter attack trees
CRITIS'06 Proceedings of the First international conference on Critical Information Infrastructures Security
Hi-index | 0.00 |
In turbulent economic times, the cost effectiveness of security measures is of the utmost importance when designing safeguards or countermeasures. This paper presents an optimal approach: MMT-O, Mitigating Multi-Threats Optimally, to meet the above challenges. The proposed approach is based on an optimum mitigation path set generation algorithm that provides optimal plans for threat/vulnerability management which can be adopted at the design level of the software life cycle. In MMT-O, a multi-threat attack graph is generated by combining all of the individual threats responsible for security compromise of the system. It identifies a unique set of attacks needing mitigation by removing redundant nodes, as an attack can be a part of multiple threats. The proposed algorithm, implemented in Java, provides the minimum mitigation paths required to be blocked to avert the threat. Countermeasures using a multi-agent system are inducted in these identified mitigation paths to avert the threat optimally. The proposed approach has been applied on different test cases and the results validate its economic justification over traditional security solutions as a part of proactive threat management.